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Amendment(s) to the Drawings: 

The attached replacement sheet includes changes to Fig. 4. This sheet, which includes Fig. 4, 
replaces the replacement sheet filed July 30, 2007 that includes Fig. 4. 



The attached new sheet includes a new Fig. 5. 

Applicant submits that no new subject matter has been introduced by virtue of these 
amendments. 



Attachment: Replacement and New Sheets 
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REMARKS/ARGUMENTS 

This Amendment is in response to the Final Office Action mailed October 10, 
2007. Claims 1-9, 11-13, 17, 18 and 20-22 were pending and examined. 

Claims 1, 3-7, 11-13, 17, 18, 20, and 22 have been amended, claim 2 has been 
canceled without prejudice, and new claims 23-25 have been added. Accordingly, claims 1,3-9, 
11-13, 17, 18, and 20-25 remain pending in the present application after entry of this 
Amendment. Reconsideration of the rejected claims is respectfully requested. 

Objection to the Drawings 

Fig. 4 is objected to because "the added features to Fig. 4 do not correlate to any 
of the previously drawn objects and as a result Fig. 4 is ambiguous. . . if applicant decides to 
present objects 426 and 428 as a separate figure it must be clear how this figure relates to the 
subject matter disclosed in other figures. Disclosing such a relationship in the specification 
would be satisfying." (Office Action: pg. 2). 

Although Applicant does not necessarily agree with the objection, Applicant has 
amended the drawings to expedite prosecution of the present application. In particular, objects 
426, 428 have been removed from Figure 4 and presented as objects 502, 504 in a new Figure 5. 
In addition, the Specification has been amended to reference objects 502, 504 of Figure 5. 

Applicant submits that no new subject matter has been introduced by virtue of 
these amendments. Further, Applicant submits that the subject matter of objects 502, 504 is 
clearly described at various places in the Specification, including, for example, page 7, lines 3-8. 

Accordingly, the objection to the drawings is believed to be overcome. 

Amendments to the Specification 

As discussed above, the Specification has been amended to reference objects 502, 
504 of Figure 5. Applicant submits that no new subject matter has been introduce by virtue of 
these amendments. 
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35 U.S.C. $112 Rejection of Claim 18 

Claim 18 is rejected under 35 U.S.C. §112, second paragraph, as failing to comply 
with the written description requirement. The Office Action asserts "not only the recited 
specification does not suggest that ' the processor includes a content addressable memory and 
wherein the table is stored in an access control list of the content addressable memory' but in 
fact, the specification contradicts the recited limitation: see Fig. 2 and associated text." (Office 
Action: pg. 5; emphasis in original). 

Claim 18 has been amended to recite "wherein the network device includes a 
content addressable memory and wherein the table is stored in an access control list of the 
content addressable memory." Applicant submits that this feature is described in the 
Specification in a manner that satisfies the written description requirement. For example, Fig. 2 
of the present invention illustrates a network device 200 that includes a content accessible 
memory 240. Further, the Specification specifically states that the IP address/MAC address table 
described therein may be stored in an access control list of a content addressable memory: "The 
table which stores the IP address/MAC address pairs can be implemented using an access 
control list, which are data fields, included in a content addressable memory 240, which is 
referred to as an ACL-CAM." (Specification: pg. 6, lines 5-8). 

Accordingly, Applicant respectfully requests that the Section 1 12 rejection of 
claim 18 be withdrawn. 

Newly Presented Claims 23-25 

New claims 23-25 have been added to cover various embodiments of the present 
invention. Applicant submits that these claims are supported by the Specification as filed and do 
not add new matter. Support for claim 23 may be found in the Specification at, for example, 
page 10, lines 18-30. Support for claims 24 and 25 may be found in the Specification at, for 
example, page 7, lines 17-21, and page 8, lines 11-20. 

Previously presented independent claims 1 and 22 have been amended so that 
they now depend from new claim 24. 
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Applicant's independent claim 24 relates to techniques for providing port security 
in a network device (e.g., a Layer 2 switch) using an IP address/MAC address pair table. In one 
embodiment, a data packet is received on a port of the network device, where the data packet 
includes a source IP address and a MAC address. The source IP address and MAC address 
constitute a source IP address and MAC address pair. The MAC address is then checked against 
a source IP address/MAC address pair table in the network device. (Specification: pg. 7, lines 
17-21). If the MAC address is found in the table, the source IP address in the packet is learned. 
As recited in claim 24, this learning process is delayed from the time of receipt of the data packet 
until a predetermined amount of traffic has passed through the port . This delayed approach 
prevents the network device from learning an erroneous source IP address (such as the default IP 
address assigned by Microsoft or Apple operating systems when a DHCP server cannot initially 
be found). (Specification: pg. 8, lines 1 1-20). Once the source IP address is learned, the source 
IP address and MAC address pair in the packet is stored in the source IP address/MAC address 
pair table. This table is used to control the transmission of data packets through the port. 
(Specification: pg. 8, lines 29-30). 

In accordance with the above, independent claim 24 recites, in part: 

determining if the first MAC address is a new MAC address that is not included 
in a table of the network device, the table configured to store a plurality of source IP address and 
MAC address pairs; 

if the first MAC address is a new MAC address, learning the first source IP 
address, wherein the first MAC address and the first source IP address form a first source IP 
address and MAC address pair, and wherein said learning is delayed from a time of receipt of the 
first data packet until a predetermined amount of traffic has passed through the port ; 
(Applicant's claim 24, in part, emphasis added). 
Applicant submits that at least the above-recited features of claim 24 are not 
taught or suggested by the cited references Doyle (U.S. Patent No. 7,134,012, hereinafter 
"Doyle"), Rayes (U.S. Patent No. 7,234,163, hereinafter "Rayes"), Whelan (U.S. Publication No. 
2004/0003285, hereinafter "Whelan"), and/or Sawada (U.S. Patent No. 6,907,470, hereinafter 
"Sawada"), considered individually or in combination. 
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For example, as best understood, none of the cited references teach or suggest 
learning a source IP address of a data packet if the MAC address of the data packet is not found 
in a source IP address/MAC address table, "wherein said learning is delayed from a time of 
receipt of the first data packet until a predetermined amount of traffic has passed through the 
port" as recited in Applicant's claim 24. 

Doyle discloses a technique for detecting IP spoofing using an ARP table 
containing IP address/MAC address pairings. However, the manner in which Doyle's ARP table 
is built is substantially different from Applicant's claim 24. As described in Doyle, a data packet 
is received on a port, and a MAC address in the packet is searched for in the ARP table. (Doyle: 
Fig. 6, steps 600, 610). If the MAC address is not found, the IP address in the packet is validated 
by immediately sending out an ARP request. (Doyle: Fig. 6, steps 615, 625). Nowhere does 
Doyle teach or suggest that the initiation of this validation process (i.e., sending out the ARP 
request) is delayed based on some criterion. Further, nowhere does Doyle teach or suggest that 
this validation process is delayed based on the specific criterion of a predetermined amount of 
traffic being passed though the port . Accordingly, Doyle fails to teach or suggest "wherein said 
learning is delayed from a time of receipt of the first data packet until a predetermined amount of 
traffic has passed through the port " as recited in Applicant's claim 24. (Emphasis added). 

Rayes discloses a technique for preventing spoofing of network addresses using 
an "NMS database" containing IP address/MAC address pairings. However, like Doyle, the 
manner in which Rayes' NMS database is built is substantially different from Applicant's claim 
24. As described in Rayes, a DHCP request is transmitted by a host device to a DHCP server. In 
response, the DHCP server issues an IP address for the MAC address of the host, and transmits 
this information back to the host in the DHCP request. The NMS database then obtains the IP 
address/MAC address binding in the returned DHCP request and stores that binding in the 
database. (Rayes: col. 5, lines 30-51). As best understood, Rayes is completely silent on, for 
example, "determining if the first MAC address [in a received packet] is a new MAC address 
that is not included in a table of the network device" as recited in claim 24. Further, since Rayes 
does not teach anything about determining if a MAC address of a received packet is a new MAC 
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address, Rayes necessarily fails to teach or suggest " if the first MAC address is a new MAC 
address, learning the first source IP address , wherein the first MAC address and the first source 
IP address form a first source IP address and MAC address pair, and wherein said learning is 
delayed from a time of receipt of the first data packet until a predetermined amount of traffic has 
passed through the port " as recited in claim 24. (Emphasis added). 

Whelan is directed to a system for detecting unauthorized wireless access points. 
(Whelan: Abstract). Sawada is directed to a communication apparatus for routing packets sent 
from a user terminal. (Sawada: Abstract). As best understood, Whelan and Sawada do not teach 
or suggest anything about the acts of receiving a data packet and determining if a MAC address 
of the packet is a new MAC address not found in a table of a network device, let alone the act of 
learning a source IP address of the packet if the MAC address is a new MAC address "wherein 
said learning is delayed from a time of receipt of the first data packet until a predetermined 
amount of traffic has passed through the port" as recited in claim 24. 

For at least the foregoing reasons, even if Doyle, Rayes, Whelan, and Sawada 
were combined (although there appears to be no rationale for combining), the resultant 
combination would not teach or suggest all of the features of claim 24. Accordingly, 
independent claim 24 is believed to be allowable over these references. 

Independent claim 25 recites features that are substantially similar to claim 24, 
and is thus believed to be allowable for at least a similar rationale as discussed for claim 24, and 
others. 

Dependent claim 23 depends indirectly from independent claim 24, and is thus 
believed to be allowable for at least a similar rationale as discussed for claim 24. 

Further, Applicant submits that claim 23 recites additional features that 
distinguish over the cited references. For example, claim 23 recites, in part "the network device 
includes a timer configured to clear the table of one or more source IP addresses at 
predetermined time intervals." (Emphasis added). Applicant submits that the feature of an age- 
out timer as recited in claim 23 is not taught or suggested by Doyle, Rayes, Whelan, and/or 
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Sawada. Accordingly, Applicant submits that claim 23 is allowable for at least this additional 
reason. 



35 U.S.C. §102(e) Rejection of Claims 1, 2, 4, and 5 

Claims 1, 2, 4, and 5 are rejected under 35 U.S.C. § 102(e) as being anticipated by 
Doyle. Applicant respectfully submits that Doyle does not disclose each and every element of 
these claims. 

Claim 2 has been canceled without prejudice. Accordingly, the rejection of claim 

2 is moot. 

Claims 1, 4, and 5 have been amended to depend (either directly or indirectly) 
from new claim 24, which is not anticipated or rendered obvious by Doyle as discussed above. 
Accordingly, claims 1, 4, and 5 are believed to be allowable over Doyle for at least a similar 
rationale as discussed for claim 24. 

Further, Applicant submits that claims 1, 4, and 5 recite additional features that 
distinguish over Doyle. For example, claim 5 recites, in part "wherein the table is stored in an 
access control list of a content addressable memory device ." (Emphasis added). The Office 
Action asserts that this feature of storing the table in an access control list of a content address 
memory device is "inherent" because "in order for a computer to be able to operate on content, 
the content must be stored in memory and content (in particular, content stored in memory) is 
referenced by content address." (Office Action: pg. 4). Applicant respectfully disagrees. 

From the assertions in the Office Action, the Examiner apparently interprets the 
recited "content addressable memory" of claim 5 as any type of memory that includes content, 
and that may be referenced by address. This interpretation is incorrect. As is well-known in the 
art, content address memory (CAM) is a specialized type of computer memory. For example, the 
Specification states: "By utilizing a content addressable memory where the functionality of the 
memory is determined by hard wiring (as opposed to a CPU which requires the loading of 
software), the switching of data packets is done at a very high speed." (Specification: pg. 6, lines 
8-11; emphasis added). Since Doyle does not disclose anything about the specific type of 
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memory known as content addressable memory, Doyle necessarily fails to disclose (or even 
suggest) "wherein the table is stored in an access control list of a content addressable memory 
device" as recited in claim 5. 

Accordingly, Applicant submits that claim 5 is allowable over Doyle for at least 
this additional reason. 

35 U.S.C. §102(ey§103(a) Rejection of Claims 11-13. 17. 18. and 20-22 

Claims 11-13, 17, 18, and 20-22 are rejected under 35 U.S.C. §102(e) as being 
anticipated by or, in the alternative, under 35 U.S.C. § 103(a) as being obvious over Rayes. 
Applicant respectfully submits that Raycs docs not teach or suggest the features of these claims. 

Independent claim 17 has been amended to recite features that are substantially 
similar to independent claim 24, which is not anticipated or rendered obvious by Rayes as 
discussed above. Accordingly, claim 17 is believed to be allowable over Rayes for at least a 
similar rationale as discussed for claim 24, and others. 

Dependent claims 11-13, 18, and 20-22 depend (either directly or indirectly) from 
independent claims 24 and 17 respectively, and are thus believed to be allowable over Rayes for 
at least a similar rationale as discussed for claims 24 and 17, and others. 

35 U.S.C. 5103(a) Rejection of Claims 6-8 

Claims 6-8 are rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Doyle in view of Official Notice. Applicant respectfully submits that Doyle, either individually 
or in view of the Official Notice, does not teach or suggest the features of these claims. 

Dependent claims 6-8 depend indirectly from independent claim 24, which is not 
anticipated or rendered obvious by Doyle as discussed above. As best understood, the Official 
Notice asserted in the Office Action does not remedy the deficiencies of Doyle in this regard. 
Accordingly, claims 6-8 are believed to be allowable over Doyle, either individually or in view 
of the Official Notice, for at least a similar rationale as discussed for claim 24, and others. 
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35 U.S.C. §103(a) Rejection of Claim 3 

Claim 3 is rejected under 35 U.S.C. § 103(a) as being unpatentable over Doyle in 
view of Whelan. Applicant respectfully submits that Doyle and Whelan, considered individually 
or in combination, do not teach or suggest the features of this claim. 

Dependent claim 3 depends indirectly from independent claim 24, which is not 
anticipated or rendered obvious by Doyle and/or Whelan as discussed above. Accordingly, 
claim 3 is believed to be allowable over Doyle and Whelan, considered individually or in 
combination, for at least a similar rationale as discussed for claim 24, and others. 

35 U.S.C. §103(a) Rejection of Claim 9 

Claim 9 is rejected under 35 U.S.C. § 103(a) as being unpatentable over Doyle in 
view of Sawada. Applicant respectfully submits that Doyle and Sawada, considered individually 
or in combination, do not teach or suggest the features of this claim. 

Dependent claim 9 depends indirectly from independent claim 24, which is not 
anticipated or rendered obvious by Doyle and/or Sawada as discussed above. Accordingly, 
claim 9 is believed to be allowable over Doyle and Sawada, considered individually or in 
combination, for at least a similar rationale as discussed for claim 24, and others. 

Amendments to the Claims 

Unless otherwise specified, amendments to the claims are made for purposes of 
clarity, and are not intended to alter the scope of the claims or limit any equivalents thereof. The 
amendments are supported by the Specification and do not add new matter. 

CONCLUSION 

In view of the foregoing, Applicants believe all claims now pending in this 
Application are in condition for allowance and an action to that end is respectfully requested. 

If the Examiner believes a telephone conference would expedite prosecution of 
this application, please telephone the undersigned at 650-326-2400. 
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Respectfully submitted, 
/Andrew J. Lee/ 



Andrew J. Lee 
Reg. No. 60,371 

TOWNSEND and TOWNSEND and CREW LLP 

Two Embarcadero Center, Eighth Floor 

San Francisco, California 941 1 1-3834 

Tel: 650-326-2400 

Fax: 415-576-0300 

Attachments 

AJL:mg 

61210514v1 



Page 18 of 18 



